From: Chad Parry
To: freebsd-current@freebsd.org
Date: Tue, 5 Nov 2002 11:07:02 -0800 (PST)
Subject: Hello World stuck in infinite loop

I'm seeing an infinite loop that can be traced to a signal handler in the uthread module. I'm using a snapshot of CURRENT from 2002-01-09.

Repro: Write the classic hello world program. When you build it, link in libc_r. Use a shell script to execute it over and over in a tight loop. This works on my box (using zsh):

    # echo 'main() { printf("Hello World!\\n"); }' > hello.c
    # gcc -o hello hello.c -lc_r
    # while [ 1 ]; do ./hello; done

Then hold down CTRL^T at the console. Within a few seconds, the "Hello World"'s will stop getting printed out. CPU usage will climb to around 98%.

At that point, you can attach a debugger and see that the SIGINFO was caught by _thread_sig_handler(). You can also see that _thread_init() was not finished yet when the signal was raised. Most of the stack doesn't look correct to me, but I think that _thread_dump_info() gets called, which calls snprintf(3), which has a helper that calls _thread_init() again. Somewhere inside this nested _thread_init call the process might end up in a spin lock that is locked against itself.

Ha ha! Hello World gets into an infinite loop! Obviously this bug can be reproduced with any program that uses the uthread module.

My own tests show that the attached patch to the _thread_init function fixes the problem. I just moved the registration of the signal handler to a spot _after_ where the data used by the handler had been initialized. I don't know what the repercussions are for messing with this part of the thread library.

Does this patch look safe to anybody else? (I'm not suggesting it get committed, but I would like to know what might go wrong if I use it on my own source). Do you know what the correct fix is? (I know 4.3-STABLE didn't have this bug, and the registration of the signal handler hasn't changed since then).
-- chad

[Attachment: uthread.diff]
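
The ordering problem described in the message, reduced to a deterministic toy. This is an added example, not code from the post or from libc_r. All names are hypothetical, and SIGURG stands in for SIGINFO because both are discarded by default when no handler is installed.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for sigaction() under strict -std= modes */
#endif
#include <signal.h>
#include <string.h>

/* Hypothetical stand-ins for the library state the handler depends on. */
static volatile sig_atomic_t state_ready;   /* set once init has finished */
static volatile sig_atomic_t early_hits;    /* handler ran on uninitialized state */
static volatile sig_atomic_t late_hits;     /* handler ran on initialized state */

/* Async-signal-safe: touches only sig_atomic_t counters, no stdio, no locks. */
static void on_signal(int sig)
{
    (void)sig;
    if (state_ready)
        late_hits++;
    else
        early_hits++;   /* the situation the post describes */
}

static int install_handler(void)
{
    struct sigaction act;
    memset(&act, 0, sizeof(act));
    sigfillset(&act.sa_mask);
    act.sa_handler = on_signal;
    return sigaction(SIGURG, &act, NULL);
}

/* Toy init: handler_first=1 registers before the state is set up, 0 after. */
int run_init(int handler_first)
{
    sigset_t set;
    sigemptyset(&set);
    sigaddset(&set, SIGURG);
    sigprocmask(SIG_UNBLOCK, &set, NULL);   /* ensure SIGURG is not blocked */
    signal(SIGURG, SIG_DFL);                /* default action: discard */
    state_ready = early_hits = late_hits = 0;
    if (handler_first && install_handler() != 0)
        return -1;
    raise(SIGURG);      /* signal arrives while init is still running */
    state_ready = 1;    /* data the handler uses is now valid */
    if (!handler_first && install_handler() != 0)
        return -1;
    raise(SIGURG);      /* signal arrives after init has completed */
    return early_hits;  /* deliveries that saw uninitialized state */
}
int late_count(void) { return late_hits; }
```

With the handler registered first, the mid-init signal reaches a handler whose data is not ready. With registration moved after initialization, the same signal is discarded and only the later one is handled.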